<?php

//////////////////////////////////////////////////////////////
///  phpThumb() by James Heinrich <info@silisoftware.com>   //
//        available at http://phpthumb.sourceforge.net     ///
//////////////////////////////////////////////////////////////
///                                                         //
// See: phpthumb.changelog.txt for recent changes           //
// See: phpthumb.readme.txt for usage instructions          //
//                                                         ///
//////////////////////////////////////////////////////////////

error_reporting(E_ALL);
ini_set('display_errors', '1');
ini_set('magic_quotes_runtime', '0');
if (ini_get('magic_quotes_runtime')) {
    die('"magic_quotes_runtime" is set in php.ini, cannot run phpThumb with this enabled');
}
$starttime = array_sum(explode(' ', microtime()));

// this script relies on the superglobal arrays, fake it here for old PHP versions
if (phpversion() < '4.1.0') {
    $_SERVER = $HTTP_SERVER_VARS;
    $_GET = $HTTP_GET_VARS;
}

if (empty($_REQUEST['src'])) {
    die();
}
if (false && !empty($_COOKIE['resolution'])) {
    list($taille, $ratio) = explode(',', $_COOKIE['resolution']);
    if ($ratio > 1) {
        /**
         * Si on a un ecran retina on augmente la definition de l'image
         */
        $_GET['w'] = $_REQUEST['w'] = round($_GET['w'] * $ratio);
        $_GET['h'] = $_REQUEST['h'] = round($_GET['h'] * $ratio);
        $_SERVER['REQUEST_URI'] .= '&fltr[]=ratio' . $ratio;
    }

    /**
     * Si on demande une image plus grande que la taille de l'écran ..
     * On la retrecie
     */
    if ($_GET['w'] * $ratio > $taille) {
        $ratio = 1;
        if (!empty($_GET['zc'])) {

            # Si on demande une taille exacte
            # On applique le ratio initial             
            $ratioIMG = $_GET['w'] / $_GET['h'];
            $_GET['w'] = $_REQUEST['w'] = round($taille * $ratio);
            $_GET['h'] = $_REQUEST['h'] = round($_GET['w'] / $ratioIMG);
            $_SERVER['REQUEST_URI'] .= '&fltr[]=size' . $_GET['w'] . 'x' . $_GET['h'];
        } else {
            # Sinon on ne change que la largeur
            $_GET['w'] = $_REQUEST['w'] = $taille * $ratio;
            $_SERVER['REQUEST_URI'] .= '&fltr[]=size' . $_GET['w'] . 'x' . $_GET['h'];
        }
    }
}

function SendSaveAsFileHeaderIfNeeded() {
    if (headers_sent()) {
        return false;
    }
    global $phpThumb;
    $downloadfilename = phpthumb_functions::SanitizeFilename(@$_GET['sia'] ? $_GET['sia'] : (@$_GET['down'] ? $_GET['down'] : 'phpThumb_generated_thumbnail' . (@$_GET['f'] ? $_GET['f'] : 'jpg')));
    if (@$downloadfilename) {
        $phpThumb->DebugMessage('SendSaveAsFileHeaderIfNeeded() sending header: Content-Disposition: ' . (@$_GET['down'] ? 'attachment' : 'inline') . '; filename="' . $downloadfilename . '"', __FILE__, __LINE__);
        header('Content-Disposition: ' . (@$_GET['down'] ? 'attachment' : 'inline') . '; filename="' . $downloadfilename . '"');
    }
    return true;
}

function PasswordStrength($password) {
    $strength = 0;
    $strength += strlen(preg_replace('#[^a-z]#', '', $password)) * 0.5; // lowercase characters are weak
    $strength += strlen(preg_replace('#[^A-Z]#', '', $password)) * 0.8; // uppercase characters are somewhat better
    $strength += strlen(preg_replace('#[^0-9]#', '', $password)) * 1.0; // numbers are somewhat better
    $strength += strlen(preg_replace('#[a-zA-Z0-9]#', '', $password)) * 2.0; // other non-alphanumeric characters are best
    return $strength;
}

function RedirectToCachedFile() {
    global $phpThumb, $PHPTHUMB_CONFIG;

    $nice_cachefile = str_replace(DIRECTORY_SEPARATOR, '/', $phpThumb->cache_filename);
    $nice_docroot = str_replace(DIRECTORY_SEPARATOR, '/', rtrim($PHPTHUMB_CONFIG['document_root'], '/\\'));

    $parsed_url = phpthumb_functions::ParseURLbetter(@$_SERVER['HTTP_REFERER']);

    $nModified = filemtime($phpThumb->cache_filename);

    if ($phpThumb->config_nooffsitelink_enabled && @$_SERVER['HTTP_REFERER'] && !in_array(@$parsed_url['host'], $phpThumb->config_nooffsitelink_valid_domains)) {

        $phpThumb->DebugMessage('Would have used cached (image/' . $phpThumb->thumbnailFormat . ') file "' . $phpThumb->cache_filename . '" (Last-Modified: ' . gmdate('D, d M Y H:i:s', $nModified) . ' GMT), but skipping because $_SERVER[HTTP_REFERER] (' . @$_SERVER['HTTP_REFERER'] . ') is not in $phpThumb->config_nooffsitelink_valid_domains (' . implode(';', $phpThumb->config_nooffsitelink_valid_domains) . ')', __FILE__, __LINE__);
    } elseif ($phpThumb->phpThumbDebug) {

        $phpThumb->DebugTimingMessage('skipped using cached image', __FILE__, __LINE__);
        $phpThumb->DebugMessage('Would have used cached file, but skipping due to phpThumbDebug', __FILE__, __LINE__);
        $phpThumb->DebugMessage('* Would have sent headers (1): Last-Modified: ' . gmdate('D, d M Y H:i:s', $nModified) . ' GMT', __FILE__, __LINE__);
        if ($getimagesize = @GetImageSize($phpThumb->cache_filename)) {
            $phpThumb->DebugMessage('* Would have sent headers (2): Content-Type: ' . phpthumb_functions::ImageTypeToMIMEtype($getimagesize[2]), __FILE__, __LINE__);
        }
        if (preg_match('#^' . preg_quote($nice_docroot) . '(.*)$#', $nice_cachefile, $matches)) {
            $phpThumb->DebugMessage('* Would have sent headers (3): Location: ' . dirname($matches[1]) . '/' . urlencode(basename($matches[1])), __FILE__, __LINE__);
        } else {
            $phpThumb->DebugMessage('* Would have sent data: readfile(' . $phpThumb->cache_filename . ')', __FILE__, __LINE__);
        }
    } else {

        if (headers_sent()) {
            $phpThumb->ErrorImage('Headers already sent (' . basename(__FILE__) . ' line ' . __LINE__ . ')');
            exit;
        }
        SendSaveAsFileHeaderIfNeeded();

        header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $nModified) . ' GMT');
        if (@$_SERVER['HTTP_IF_MODIFIED_SINCE'] && ($nModified == strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])) && @$_SERVER['SERVER_PROTOCOL']) {
            header($_SERVER['SERVER_PROTOCOL'] . ' 304 Not Modified');
            exit;
        }

        if ($getimagesize = @GetImageSize($phpThumb->cache_filename)) {
            header('Content-Type: ' . phpthumb_functions::ImageTypeToMIMEtype($getimagesize[2]));
        } elseif (preg_match('#\\.ico$#i', $phpThumb->cache_filename)) {
            header('Content-Type: image/x-icon');
        }
        if (!@$PHPTHUMB_CONFIG['cache_force_passthru'] && preg_match('#^' . preg_quote($nice_docroot) . '(.*)$#', $nice_cachefile, $matches)) {
            header('Location: ' . dirname($matches[1]) . '/' . urlencode(basename($matches[1])));
        } else {
            @readfile($phpThumb->cache_filename);
        }
        exit;
    }
    return true;
}

// instantiate a new phpThumb() object
ob_start();
if (!include_once(dirname(__FILE__) . '/phpthumb.class.php')) {
    ob_end_flush();
    die('failed to include_once("' . realpath(dirname(__FILE__) . '/phpthumb.class.php') . '")');
}
ob_end_clean();

$phpThumb = new phpThumb();
$phpThumb->DebugTimingMessage('phpThumb.php start', __FILE__, __LINE__, $starttime);
$phpThumb->SetParameter('config_error_die_on_error', true);

if (!phpthumb_functions::FunctionIsDisabled('set_time_limit')) {
    set_time_limit(60);  // shouldn't take nearly this long in most cases, but with many filters and/or a slow server...
}

// phpThumbDebug[0] used to be here, but may reveal too much
// info when high_security_mode should be enabled (not set yet)

if (file_exists(dirname(__FILE__) . '/phpThumb.config.php')) {
    ob_start();
    if (include_once(dirname(__FILE__) . '/phpThumb.config.php')) {
        // great
    } else {
        ob_end_flush();
        $phpThumb->config_disable_debug = false; // otherwise error message won't print
        $phpThumb->ErrorImage('failed to include_once(' . dirname(__FILE__) . '/phpThumb.config.php) - realpath="' . realpath(dirname(__FILE__) . '/phpThumb.config.php') . '"');
    }
    ob_end_clean();
} elseif (file_exists(dirname(__FILE__) . '/phpThumb.config.php.default')) {
    $phpThumb->config_disable_debug = false; // otherwise error message won't print
    $phpThumb->ErrorImage('Please rename "phpThumb.config.php.default" to "phpThumb.config.php"');
} else {
    $phpThumb->config_disable_debug = false; // otherwise error message won't print
    $phpThumb->ErrorImage('failed to include_once(' . dirname(__FILE__) . '/phpThumb.config.php) - realpath="' . realpath(dirname(__FILE__) . '/phpThumb.config.php') . '"');
}

if (empty($PHPTHUMB_CONFIG['disable_pathinfo_parsing']) && (empty($_GET) || isset($_GET['phpThumbDebug'])) && !empty($_SERVER['PATH_INFO'])) {
    $_SERVER['PHP_SELF'] = str_replace($_SERVER['PATH_INFO'], '', @$_SERVER['PHP_SELF']);

    $args = explode(';', substr($_SERVER['PATH_INFO'], 1));
    $phpThumb->DebugMessage('PATH_INFO.$args set to (' . implode(')(', $args) . ')', __FILE__, __LINE__);
    if (!empty($args)) {
        $_GET['src'] = @$args[count($args) - 1];
        $phpThumb->DebugMessage('PATH_INFO."src" = "' . $_GET['src'] . '"', __FILE__, __LINE__);
        if (preg_match('#^new\=([a-z0-9]+)#i', $_GET['src'], $matches)) {
            unset($_GET['src']);
            $_GET['new'] = $matches[1];
        }
    }
    if (preg_match('#^([0-9]*)x?([0-9]*)$#i', @$args[count($args) - 2], $matches)) {
        $_GET['w'] = $matches[1];
        $_GET['h'] = $matches[2];
        $phpThumb->DebugMessage('PATH_INFO."w"x"h" set to "' . $_GET['w'] . '"x"' . $_GET['h'] . '"', __FILE__, __LINE__);
    }
    for ($i = 0; $i < count($args) - 2; $i++) {
        @list($key, $value) = explode('=', @$args[$i]);
        if (substr($key, -2) == '[]') {
            $array_key_name = substr($key, 0, -2);
            $_GET[$array_key_name][] = $value;
            $phpThumb->DebugMessage('PATH_INFO."' . $array_key_name . '[]" = "' . $value . '"', __FILE__, __LINE__);
        } else {
            $_GET[$key] = $value;
            $phpThumb->DebugMessage('PATH_INFO."' . $key . '" = "' . $value . '"', __FILE__, __LINE__);
        }
    }
}

if (!empty($PHPTHUMB_CONFIG['high_security_enabled'])) {
    if (empty($_GET['hash'])) {
        $phpThumb->config_disable_debug = false; // otherwise error message won't print
        $phpThumb->ErrorImage('ERROR: missing hash');
    } elseif (PasswordStrength($PHPTHUMB_CONFIG['high_security_password']) < 20) {
        $phpThumb->config_disable_debug = false; // otherwise error message won't print
        $phpThumb->ErrorImage('ERROR: $PHPTHUMB_CONFIG[high_security_password] is not complex enough');
    } elseif ($_GET['hash'] != md5(str_replace('&hash=' . $_GET['hash'], '', $_SERVER['QUERY_STRING']) . $PHPTHUMB_CONFIG['high_security_password'])) {
        sleep(10); // deliberate delay to discourage password-guessing
        $phpThumb->config_disable_debug = false; // otherwise error message won't print
        $phpThumb->ErrorImage('ERROR: invalid hash');
    }
}

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[0]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '0')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////
// returned the fixed string if the evil "magic_quotes_gpc" setting is on
if (get_magic_quotes_gpc()) {
    // deprecated: 'err', 'file', 'goto',
    $RequestVarsToStripSlashes = array('src', 'wmf', 'down');
    foreach ($RequestVarsToStripSlashes as $key) {
        if (isset($_GET[$key])) {
            if (is_string($_GET[$key])) {
                $_GET[$key] = stripslashes($_GET[$key]);
            } else {
                unset($_GET[$key]);
            }
        }
    }
}

if (empty($_SERVER['PATH_INFO']) && empty($_SERVER['QUERY_STRING'])) {
    $phpThumb->config_disable_debug = false; // otherwise error message won't print
    $phpThumb->ErrorImage('ERROR: no parameters specified');
}

if (@$_GET['src'] && isset($_GET['md5s']) && empty($_GET['md5s'])) {
    if (preg_match('#^(f|ht)tps?://#i', $_GET['src'])) {
        if ($rawImageData = phpthumb_functions::SafeURLread($_GET['src'], $error, $phpThumb->config_http_fopen_timeout, $phpThumb->config_http_follow_redirect)) {
            $md5s = md5($rawImageData);
        }
    } else {
        $SourceFilename = $phpThumb->ResolveFilenameToAbsolute($_GET['src']);
        if (is_readable($SourceFilename)) {
            $md5s = phpthumb_functions::md5_file_safe($SourceFilename);
        } else {
            $phpThumb->ErrorImage('ERROR: "' . $SourceFilename . '" cannot be read');
        }
    }
    if (@$_SERVER['HTTP_REFERER']) {
        $phpThumb->ErrorImage('&md5s=' . $md5s);
    } else {
        die('&md5s=' . $md5s);
    }
}

if (!empty($PHPTHUMB_CONFIG)) {
    foreach ($PHPTHUMB_CONFIG as $key => $value) {
        $keyname = 'config_' . $key;
        $phpThumb->setParameter($keyname, $value);
        if (!preg_match('#(password|mysql)#i', $key)) {
            $phpThumb->DebugMessage('setParameter(' . $keyname . ', ' . $phpThumb->phpThumbDebugVarDump($value) . ')', __FILE__, __LINE__);
        }
    }
} else {
    $phpThumb->DebugMessage('$PHPTHUMB_CONFIG is empty', __FILE__, __LINE__);
}

if (@$_GET['src'] && !@$PHPTHUMB_CONFIG['allow_local_http_src'] && preg_match('#^http://' . @$_SERVER['HTTP_HOST'] . '(.+)#i', @$_GET['src'], $matches)) {
    $phpThumb->ErrorImage('It is MUCH better to specify the "src" parameter as "' . $matches[1] . '" instead of "' . $matches[0] . '".' . "\n\n" . 'If you really must do it this way, enable "allow_local_http_src" in phpThumb.config.php');
}

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[1]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '1')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////

$parsed_url_referer = phpthumb_functions::ParseURLbetter(@$_SERVER['HTTP_REFERER']);
if ($phpThumb->config_nooffsitelink_require_refer && !in_array(@$parsed_url_referer['host'], $phpThumb->config_nohotlink_valid_domains)) {
    $phpThumb->ErrorImage('config_nooffsitelink_require_refer enabled and ' . (@$parsed_url_referer['host'] ? '"' . $parsed_url_referer['host'] . '" is not an allowed referer' : 'no HTTP_REFERER exists'));
}
$parsed_url_src = phpthumb_functions::ParseURLbetter(@$_GET['src']);
if ($phpThumb->config_nohotlink_enabled && $phpThumb->config_nohotlink_erase_image && preg_match('#^(f|ht)tps?://#i', @$_GET['src']) && !in_array(@$parsed_url_src['host'], $phpThumb->config_nohotlink_valid_domains)) {
    $phpThumb->ErrorImage($phpThumb->config_nohotlink_text_message);
}

if ($phpThumb->config_mysql_query) {
    if ($cid = @mysql_connect($phpThumb->config_mysql_hostname, $phpThumb->config_mysql_username, $phpThumb->config_mysql_password)) {
        if (@mysql_select_db($phpThumb->config_mysql_database, $cid)) {
            if ($result = @mysql_query($phpThumb->config_mysql_query, $cid)) {
                if ($row = @mysql_fetch_array($result)) {

                    mysql_free_result($result);
                    mysql_close($cid);
                    $phpThumb->setSourceData($row[0]);
                    unset($row);
                } else {
                    mysql_free_result($result);
                    mysql_close($cid);
                    $phpThumb->ErrorImage('no matching data in database.');
                }
            } else {
                mysql_close($cid);
                $phpThumb->ErrorImage('Error in MySQL query: "' . mysql_error($cid) . '"');
            }
        } else {
            mysql_close($cid);
            $phpThumb->ErrorImage('cannot select MySQL database: "' . mysql_error($cid) . '"');
        }
    } else {
        $phpThumb->ErrorImage('cannot connect to MySQL server');
    }
    unset($_GET['id']);
}

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[2]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '2')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////

$PHPTHUMB_DEFAULTS_DISABLEGETPARAMS = (bool) (@$PHPTHUMB_CONFIG['cache_default_only_suffix'] && (strpos($PHPTHUMB_CONFIG['cache_default_only_suffix'], '*') !== false));

if (!empty($PHPTHUMB_DEFAULTS) && is_array($PHPTHUMB_DEFAULTS)) {
    $phpThumb->DebugMessage('setting $PHPTHUMB_DEFAULTS[' . implode(';', array_keys($PHPTHUMB_DEFAULTS)) . ']', __FILE__, __LINE__);
    foreach ($PHPTHUMB_DEFAULTS as $key => $value) {
        if ($PHPTHUMB_DEFAULTS_GETSTRINGOVERRIDE || !isset($_GET[$key])) {
            $_GET[$key] = $value;
            $phpThumb->DebugMessage('PHPTHUMB_DEFAULTS assigning (' . $value . ') to $_GET[' . $key . ']', __FILE__, __LINE__);
        }
    }
}

// deprecated: 'err', 'file', 'goto',
$allowedGETparameters = array('src', 'new', 'w', 'h', 'wp', 'hp', 'wl', 'hl', 'ws', 'hs', 'f', 'q', 'sx', 'sy', 'sw', 'sh', 'zc', 'bc', 'bg', 'bgt', 'fltr', 'xto', 'ra', 'ar', 'aoe', 'far', 'iar', 'maxb', 'down', 'phpThumbDebug', 'hash', 'md5s', 'sfn', 'dpi', 'sia', 'nocache');
foreach ($_GET as $key => $value) {
    if (!empty($PHPTHUMB_DEFAULTS_DISABLEGETPARAMS) && ($key != 'src')) {
        // disabled, do not set parameter
        $phpThumb->DebugMessage('ignoring $_GET[' . $key . '] because of $PHPTHUMB_DEFAULTS_DISABLEGETPARAMS', __FILE__, __LINE__);
    } elseif (in_array($key, $allowedGETparameters)) {
        $phpThumb->DebugMessage('setParameter(' . $key . ', ' . $phpThumb->phpThumbDebugVarDump($value) . ')', __FILE__, __LINE__);
        $phpThumb->setParameter($key, $value);
    } else {
        $phpThumb->ErrorImage('Forbidden parameter: ' . $key);
    }
}

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[3]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '3')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////
//if (!@$_GET['phpThumbDebug'] && !is_file($phpThumb->sourceFilename) && !phpthumb_functions::gd_version()) {
//	if (!headers_sent()) {
//		// base64-encoded error image in GIF format
//		$ERROR_NOGD = 'R0lGODlhIAAgALMAAAAAABQUFCQkJDY2NkZGRldXV2ZmZnJycoaGhpSUlKWlpbe3t8XFxdXV1eTk5P7+/iwAAAAAIAAgAAAE/vDJSau9WILtTAACUinDNijZtAHfCojS4W5H+qxD8xibIDE9h0OwWaRWDIljJSkUJYsN4bihMB8th3IToAKs1VtYM75cyV8sZ8vygtOE5yMKmGbO4jRdICQCjHdlZzwzNW4qZSQmKDaNjhUMBX4BBAlmMywFSRWEmAI6b5gAlhNxokGhooAIK5o/pi9vEw4Lfj4OLTAUpj6IabMtCwlSFw0DCKBoFqwAB04AjI54PyZ+yY3TD0ss2YcVmN/gvpcu4TOyFivWqYJlbAHPpOntvxNAACcmGHjZzAZqzSzcq5fNjxFmAFw9iFRunD1epU6tsIPmFCAJnWYE0FURk7wJDA0MTKpEzoWAAskiAAA7';
//		header('Content-Type: image/gif');
//		echo base64_decode($ERROR_NOGD);
//	} else {
//		echo '*** ERROR: No PHP-GD support available ***';
//	}
//	exit;
//}
// check to see if file can be output from source with no processing or caching
$CanPassThroughDirectly = true;
if ($phpThumb->rawImageData) {
    // data from SQL, should be fine
} elseif (preg_match('#^http\://[^\\?&]+\\.(jpe?g|gif|png)$#i', $phpThumb->src)) {
    // assume is ok to passthru if no other parameters specified
} elseif (preg_match('#^(f|ht)tp\://#i', $phpThumb->src)) {
    $phpThumb->DebugMessage('$CanPassThroughDirectly=false because preg_match("#^(f|ht)tp\://#i", ' . $phpThumb->src . ')', __FILE__, __LINE__);
    $CanPassThroughDirectly = false;
} elseif (!@is_readable($phpThumb->sourceFilename)) {
    $phpThumb->DebugMessage('$CanPassThroughDirectly=false because !@is_readable(' . $phpThumb->sourceFilename . ')', __FILE__, __LINE__);
    $CanPassThroughDirectly = false;
} elseif (!@is_file($phpThumb->sourceFilename)) {
    $phpThumb->DebugMessage('$CanPassThroughDirectly=false because !@is_file(' . $phpThumb->sourceFilename . ')', __FILE__, __LINE__);
    $CanPassThroughDirectly = false;
}
foreach ($_GET as $key => $value) {
    switch ($key) {
        case 'src':
            // allowed
            break;

        case 'w':
        case 'h':
            // might be OK if exactly matches original
            if (preg_match('#^http\://[^\\?&]+\\.(jpe?g|gif|png)$#i', $phpThumb->src)) {
                // assume it is not ok for direct-passthru of remote image
                $CanPassThroughDirectly = false;
            }
            break;

        case 'phpThumbDebug':
            // handled in direct-passthru code
            break;

        default:
            // all other parameters will cause some processing,
            // therefore cannot pass through original image unmodified
            $CanPassThroughDirectly = false;
            $UnAllowedGET[] = $key;
            break;
    }
}
if (!empty($UnAllowedGET)) {
    $phpThumb->DebugMessage('$CanPassThroughDirectly=false because $_GET[' . implode(';', array_unique($UnAllowedGET)) . '] are set', __FILE__, __LINE__);
}

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[4]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '4')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////

$phpThumb->DebugMessage('$CanPassThroughDirectly="' . intval($CanPassThroughDirectly) . '" && $phpThumb->src="' . $phpThumb->src . '"', __FILE__, __LINE__);
while ($CanPassThroughDirectly && $phpThumb->src) {
    // no parameters set, passthru

    if (preg_match('#^http\://[^\\?&]+\.(jpe?g|gif|png)$#i', $phpThumb->src)) {
        $phpThumb->DebugMessage('Passing HTTP source through directly as Location: redirect (' . $phpThumb->src . ')', __FILE__, __LINE__);
        header('Location: ' . $phpThumb->src);
        exit;
    }

    $SourceFilename = $phpThumb->ResolveFilenameToAbsolute($phpThumb->src);

    // security and size checks
    if ($phpThumb->getimagesizeinfo = @GetImageSize($SourceFilename)) {
        $phpThumb->DebugMessage('Direct passthru GetImageSize() returned [w=' . $phpThumb->getimagesizeinfo[0] . ';h=' . $phpThumb->getimagesizeinfo[1] . ';t=' . $phpThumb->getimagesizeinfo[2] . ']', __FILE__, __LINE__);

        if (!@$_GET['w'] && !@$_GET['wp'] && !@$_GET['wl'] && !@$_GET['ws'] && !@$_GET['h'] && !@$_GET['hp'] && !@$_GET['hl'] && !@$_GET['hs']) {
            // no resizing needed
            $phpThumb->DebugMessage('Passing "' . $SourceFilename . '" through directly, no resizing required ("' . $phpThumb->getimagesizeinfo[0] . '"x"' . $phpThumb->getimagesizeinfo[1] . '")', __FILE__, __LINE__);
        } elseif (($phpThumb->getimagesizeinfo[0] <= @$_GET['w']) && ($phpThumb->getimagesizeinfo[1] <= @$_GET['h']) && ((@$_GET['w'] == $phpThumb->getimagesizeinfo[0]) || (@$_GET['h'] == $phpThumb->getimagesizeinfo[1]))) {
            // image fits into 'w'x'h' box, and at least one dimension matches exactly, therefore no resizing needed
            $phpThumb->DebugMessage('Passing "' . $SourceFilename . '" through directly, no resizing required ("' . $phpThumb->getimagesizeinfo[0] . '"x"' . $phpThumb->getimagesizeinfo[1] . '" fits inside "' . @$_GET['w'] . '"x"' . @$_GET['h'] . '")', __FILE__, __LINE__);
        } else {
            $phpThumb->DebugMessage('Not passing "' . $SourceFilename . '" through directly because resizing required (from "' . $phpThumb->getimagesizeinfo[0] . '"x"' . $phpThumb->getimagesizeinfo[1] . '" to "' . @$_GET['w'] . '"x"' . @$_GET['h'] . '")', __FILE__, __LINE__);
            break;
        }
        switch ($phpThumb->getimagesizeinfo[2]) {
            case 1: // GIF
            case 2: // JPG
            case 3: // PNG
                // great, let it through
                break;
            default:
                // browser probably can't handle format, remangle it to JPEG/PNG/GIF
                $phpThumb->DebugMessage('Not passing "' . $SourceFilename . '" through directly because $phpThumb->getimagesizeinfo[2] = "' . $phpThumb->getimagesizeinfo[2] . '"', __FILE__, __LINE__);
                break 2;
        }

        $ImageCreateFunctions = array(1 => 'ImageCreateFromGIF', 2 => 'ImageCreateFromJPEG', 3 => 'ImageCreateFromPNG');
        $theImageCreateFunction = @$ImageCreateFunctions[$phpThumb->getimagesizeinfo[2]];
        if ($phpThumb->config_disable_onlycreateable_passthru || (function_exists($theImageCreateFunction) && ($dummyImage = @$theImageCreateFunction($SourceFilename)))) {

            // great
            if (@is_resource($dummyImage)) {
                unset($dummyImage);
            }

            if (headers_sent()) {
                $phpThumb->ErrorImage('Headers already sent (' . basename(__FILE__) . ' line ' . __LINE__ . ')');
                exit;
            }
            if (@$_GET['phpThumbDebug']) {
                $phpThumb->DebugTimingMessage('skipped direct $SourceFilename passthru', __FILE__, __LINE__);
                $phpThumb->DebugMessage('Would have passed "' . $SourceFilename . '" through directly, but skipping due to phpThumbDebug', __FILE__, __LINE__);
                break;
            }

            SendSaveAsFileHeaderIfNeeded();
            header('Last-Modified: ' . gmdate('D, d M Y H:i:s', @filemtime($SourceFilename)) . ' GMT');
            if ($contentType = phpthumb_functions::ImageTypeToMIMEtype(@$phpThumb->getimagesizeinfo[2])) {
                header('Content-Type: ' . $contentType);
            }
            @readfile($SourceFilename);
            exit;
        } else {
            $phpThumb->DebugMessage('Not passing "' . $SourceFilename . '" through directly because ($phpThumb->config_disable_onlycreateable_passthru = "' . $phpThumb->config_disable_onlycreateable_passthru . '") and ' . $theImageCreateFunction . '() failed', __FILE__, __LINE__);
            break;
        }
    } else {
        $phpThumb->DebugMessage('Not passing "' . $SourceFilename . '" through directly because GetImageSize() failed', __FILE__, __LINE__);
        break;
    }
    break;
}

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[5]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '5')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////
// check to see if file already exists in cache, and output it with no processing if it does
$phpThumb->SetCacheFilename();
if (@is_readable($phpThumb->cache_filename)) {
    RedirectToCachedFile();
} else {
    $phpThumb->DebugMessage('Cached file "' . $phpThumb->cache_filename . '" does not exist, processing as normal', __FILE__, __LINE__);
}

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[6]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '6')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////

if ($phpThumb->rawImageData) {

    // great
} elseif (!empty($_GET['new'])) {

    // generate a blank image resource of the specified size/background color/opacity
    if (($phpThumb->w <= 0) || ($phpThumb->h <= 0)) {
        $phpThumb->ErrorImage('"w" and "h" parameters required for "new"');
    }
    @list($bghexcolor, $opacity) = explode('|', $_GET['new']);
    if (!phpthumb_functions::IsHexColor($bghexcolor)) {
        $phpThumb->ErrorImage('BGcolor parameter for "new" is not valid');
    }
    $opacity = (strlen($opacity) ? $opacity : 100);
    if ($phpThumb->gdimg_source = phpthumb_functions::ImageCreateFunction($phpThumb->w, $phpThumb->h)) {
        $alpha = (100 - min(100, max(0, $opacity))) * 1.27;
        if ($alpha) {
            $phpThumb->setParameter('is_alpha', true);
            ImageAlphaBlending($phpThumb->gdimg_source, false);
            ImageSaveAlpha($phpThumb->gdimg_source, true);
        }
        $new_background_color = phpthumb_functions::ImageHexColorAllocate($phpThumb->gdimg_source, $bghexcolor, false, $alpha);
        ImageFilledRectangle($phpThumb->gdimg_source, 0, 0, $phpThumb->w, $phpThumb->h, $new_background_color);
    } else {
        $phpThumb->ErrorImage('failed to create "new" image (' . $phpThumb->w . 'x' . $phpThumb->h . ')');
    }
} elseif (!$phpThumb->src) {

    $phpThumb->ErrorImage('Usage: ' . $_SERVER['PHP_SELF'] . '?src=/path/and/filename.jpg' . "\n" . 'read Usage comments for details');
} elseif (preg_match('#^(f|ht)tp\://#i', $phpThumb->src)) {

    $phpThumb->DebugMessage('$phpThumb->src (' . $phpThumb->src . ') is remote image, attempting to download', __FILE__, __LINE__);
    if ($phpThumb->config_http_user_agent) {
        $phpThumb->DebugMessage('Setting "user_agent" to "' . $phpThumb->config_http_user_agent . '"', __FILE__, __LINE__);
        ini_set('user_agent', $phpThumb->config_http_user_agent);
    }
    $cleanedupurl = phpthumb_functions::CleanUpURLencoding($phpThumb->src);
    $phpThumb->DebugMessage('CleanUpURLencoding(' . $phpThumb->src . ') returned "' . $cleanedupurl . '"', __FILE__, __LINE__);
    $phpThumb->src = $cleanedupurl;
    unset($cleanedupurl);
    if ($rawImageData = phpthumb_functions::SafeURLread($phpThumb->src, $error, $phpThumb->config_http_fopen_timeout, $phpThumb->config_http_follow_redirect)) {
        $phpThumb->DebugMessage('SafeURLread(' . $phpThumb->src . ') succeeded' . ($error ? ' with messsages: "' . $error . '"' : ''), __FILE__, __LINE__);
        $phpThumb->DebugMessage('Setting source data from URL "' . $phpThumb->src . '"', __FILE__, __LINE__);
        $phpThumb->setSourceData($rawImageData, urlencode($phpThumb->src));
    } else {
        $phpThumb->ErrorImage($error);
    }
}

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[7]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '7')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////

$phpThumb->GenerateThumbnail();

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[8]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '8')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////

if (!empty($PHPTHUMB_CONFIG['high_security_enabled']) && !empty($_GET['nocache'])) {

    // cache disabled, don't write cachefile
} else {

    phpthumb_functions::EnsureDirectoryExists(dirname($phpThumb->cache_filename));
    if (is_writable(dirname($phpThumb->cache_filename)) || (file_exists($phpThumb->cache_filename) && is_writable($phpThumb->cache_filename))) {

        $phpThumb->CleanUpCacheDirectory();
        if ($phpThumb->RenderToFile($phpThumb->cache_filename) && is_readable($phpThumb->cache_filename)) {
            chmod($phpThumb->cache_filename, 0644);
            RedirectToCachedFile();
        } else {
            $phpThumb->DebugMessage('Failed: RenderToFile(' . $phpThumb->cache_filename . ')', __FILE__, __LINE__);
        }
    } else {

        $phpThumb->DebugMessage('Cannot write to $phpThumb->cache_filename (' . $phpThumb->cache_filename . ') because that directory (' . dirname($phpThumb->cache_filename) . ') is not writable', __FILE__, __LINE__);
    }
}

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[9]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '9')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////

if (!$phpThumb->OutputThumbnail()) {
    $phpThumb->ErrorImage('Error in OutputThumbnail():' . "\n" . $phpThumb->debugmessages[(count($phpThumb->debugmessages) - 1)]);
}

////////////////////////////////////////////////////////////////
// Debug output, to try and help me diagnose problems
$phpThumb->DebugTimingMessage('phpThumbDebug[10]', __FILE__, __LINE__);
if (isset($_GET['phpThumbDebug']) && ($_GET['phpThumbDebug'] == '10')) {
    $phpThumb->phpThumbDebug();
}
////////////////////////////////////////////////////////////////
?>